Cape Cod Community College Hit With $800,000 Phishing Attack

In West Barnstable, Massachusetts, Cape Cod Community College recently fell victim to a phishing scam that resulted in the school losing more than $800,000. The money was taken out of the school’s bank accounts. While this kind of scam is common these days, there are measures a business can take to prevent it. In the case of Cape Cod Community College, experts believe endpoint security solutions using next-generation technology would have prevented the monetary loss for the school.

The hackers of today are quite sophisticated, and if a business falls victim to one of their scams, there is often very little they can do about it. Hackers know how to remain anonymous, and leave few if any, digital footprints to follow. This means the likelihood of recovering one’s money is little to none. That is why it is so vital to prevent these things before they happen by using proper technology.

The president of Cape Cod Community College, John Cox, revealed the financial loss via a digital theft to the staff and faculty of the school in an email on December 7. By working with the bank at which the school’s accounts were held, the school has been able to recover about $300,000 of what was stolen, which is more than most smaller businesses would be able to do. It is unlikely they will be able to recover the entire $800,000, but they might be able to get some more of the money back by working closely with the bank, as they are doing.

Details of the Digital Theft

Cox gave an interview with a local newspaper after informing the workers at the college of the theft. In the interview, he revealed many interesting details about the theft, including:

The email that allowed hackers access to the school’s bank account information appeared to come from another college, so it seemed safe to open the attachment that came with it.

After opening the attachment, the person who initially opened the email believed the attachment was suspicious and alerted the school’s IT department. Alerting the IT department is standard protocol at the school when it comes to suspicious emails and attachments.

When the IT department did a diagnostic on the attachment, they found a polymorphic computer virus embedded in it. They quarantined the virus, but it had already gotten into the school’s computer network.

The scammers had a fake URL that seemed to go to TD Bank, where the college has its accounts. By placing phony calls to school employees to validate transactions, the scammers were able to make nine transfers out of the college’s bank accounts, totaling $807,103.

The scammers attempted 12 transfers, but workers at TD Bank recognized three of them as suspicious and did not allow them to go through.

Cape Cod Community College has recently installed next-generation endpoint protection software, but only on some of their computer networks. If it had been installed on all of them, the hackers likely would not have been able to gain access to the school’s bank account information and use it to transfer out the money.

Other Schools Have Had This Issue, As Well

Cape Cod Community College is not the only school to have this kind of issue in recent times. In June of 2018, hackers stole around $1.4 million from 21 account holders in the Connecticut Higher Education Trust.

Hackers are not just after money, either. They are out to cripple the schools they target. Sometimes, they don’t steal any money at all, but instead, generate outages of the computers at a particular school. This happened to a college in Wisconsin in June of 2018, and it resulted in classes having to be canceled for three days because the computer infrastructure to support the classes, students, and employees wasn’t there.

It hasn’t just been colleges being targeted, either. K-12 schools are also targets. A public K-12 school in New Jersey lost $200,000 in September of 2018 in a phishing incident similar to the one experienced at Cape Cod Community College.

Technology Companies are Stepping Up to Help Prevent This

Technology companies are stepping up in light of such incidents, creating phishing simulators to help schools teach their employees to avoid allowing their workplaces to become the next phishing victims. They are also reaching out to schools to increase awareness of the need for next-generation endpoint protection software, and to help schools install and use it.

“My passion for quality IT service is at the forefront of my career.”

Lance Skipper Client Engineer

Matthew Morman

Always at your service to provide the highest level of quality support to our customers.

Anthony Firth Client Engineer

“I’m passionate about building and fostering relationships, and finding solutions for success.”

Michael Koenig Client Account Manager

“Enabling IT to become an effective and valuable partner by delivering premier customer service and quality IT solutions achieving business goals.”

Jake Parrott Business Development Manager

“Serving the client through IT solutions is my passion. A happy client is a happy me.”

Jason RichardsonClient Engineer

“Striving to provide friendly and quality service to our customers”

Ted Rorabaugh Client Engineer

“I help clients stabilize and grow their IT infrastructure so they can focus on growing their core business.”

Josh Wilshire Systems Engineer Team Lead

“Providing courteous, quality IT service for our customers.”

Rich Yoest Rapid Response Team Supervisor

“Striving to be your trusted adviser and IT teammate in accomplishing all your business goals”

Brandan Bishop Client Account Manager

“I strive to provide the highest level of quality service to our customers.”

Tommy Williams Sr. Hardware Engineer

“I’m driven by the steadfast belief that technology must serve as a business enabler. This mantra has driven 21
Years of successful partnerships.”

Stephen Riddick VP Sales & Marketing

“CSP doesn’t succeed unless your company succeeds.”

Stephen Allen Inventory Manager

“Through my intuition and genuine concern to help others I have built long-lasting relationships with our customers, co-workers and business partners.”

Scott Forbes VP Support Services

“Every day, I work with clients to help plan the future of their businesses.”

Michael Bowman vCIO

“Your IT problems become our IT solutions.”

Mark McLemore Project Engineer

“Managing internal and external operations to ensure that CSP provides quality and reliable customer service .”

Margie Figueroa Business Manager

“Helping customers get the most out of their IT Infrastructure.”

Marc Gillet Project Engineer

“Providing quality internal and externals financial support to our customers and accounting support to CSP.”

Katie Steiglitz Accounting Administrator

“Your satisfaction is our #1 priority.”

Heather Moore Project Manager

“Some call me the CEO. I call myself the Cheerleader for an awesome team!”